Are we confident that this pattern has had enough testing across a range of services to be sure this is the best way to solve this problem? – Would different approaches work better for different combinations of sign-in methods or services?

Clifton Green Just a suggestion, but I would try versions of the images for smaller screens where the 'zoomed in bit' is underneath the 'zoomed out bit'. That should make the images less wide and you should be able to fit them on a 320px screen comfortably.

Currently, GOV.UK Verify asks for proof of a persons identity - this is rightly an in-depth process. However not all services need this, and it's against guidelines to ask for data that's not actually necessary for a service. So a good alternative for now might be to use 'passwordless' accounts that send a time-limited token to a user's email address, as used by services including Slack and Medium. We would need to check this is compatible with government security policy.